SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   Netscape Vendors:   America Online, Inc.
(HP Describes Workaround) Netscape Network Security Services (NSS) Library SSLv2 Buffer Overflow Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1011039
SecurityTracker URL:  http://securitytracker.com/id/1011039
CVE Reference:   CVE-2004-0826   (Links to External Site)
Updated:  Sep 2 2004
Original Entry Date:  Aug 24 2004
Impact:   Execution of arbitrary code via network, Root access via network, User access via network
Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in the Netscape Network Security Services (NSS) library. A remote user may be able to execute arbitrary code on the target system.

Internet Security Systems reported that there is a buffer overflow in the processing of Secure Sockets Layer (SSL) version 2 packets. A remote user can trigger the buffer overflow during SSLv2 connection negotiation to execute arbitrary code on the target system.

It is reported that the library does not properly validate the length of a user-supplied record field in the SSLv2 client hello message. Systems using the NSS library with SSLv2 are affected.

The NSS library is used by several Netscape products, including the Enterprise Server (NES), Personalization Engine (NPE), Directory Server (NDS), and Certificate Management Server (CMS). Sun One/iPlanet is also affected.

According to the report, SSLv2 is disabled by default on Netscape Enterprise Server and Sun One.

Mark Dowd of ISS X-Force is credited with discovering this flaw.

The original advisory is available at:

http://xforce.iss.net/xforce/alerts/id/180

Impact:   A remote user may be able to execute arbitrary code on the target system with the privileges of the target web server.
Solution:   HP indicates that you can disable all SSLv2 cipher suites to effectively mitigate these vulnerabilities. A description of how to disable SSLv2 for the Netscape Directory Server (NDS) and the Administration Server (AS) is provided at:

http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01070

Cause:   Boundary error
Underlying OS:  UNIX (HP/UX)
Underlying OS Comments:  11.00, 11.11, 11.23

Message History:   This archive entry is a follow-up to the message listed below.
Aug 23 2004 Netscape Network Security Services (NSS) Library SSLv2 Buffer Overflow Lets Remote Users Execute Arbitrary Code



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC